CVE-2016-7623: Infoleak
First published: Mon Feb 20 2017(Updated: )
An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information via a blob URL on a web site.
Credit: product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| iStyle @cosme iPhone OS | <=10.1.1 | |
| Apple Mobile Safari | <=10.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-7623?
CVE-2016-7623 has been rated as a moderate severity vulnerability due to its potential to expose sensitive information.
How do I fix CVE-2016-7623?
To fix CVE-2016-7623, update your iOS to version 10.2 or later and Safari to version 10.0.2 or later.
Which software versions are affected by CVE-2016-7623?
CVE-2016-7623 affects iOS versions prior to 10.2 and Safari versions prior to 10.0.2.
What type of vulnerability is CVE-2016-7623?
CVE-2016-7623 is a security vulnerability in the WebKit component that can enable information disclosure.
Who can exploit CVE-2016-7623?
Remote attackers can exploit CVE-2016-7623 by crafting malicious blob URLs on websites.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/references
- agent/author
- agent/severity
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/apple
- canonical/istyle @cosme iphone os
- version/istyle @cosme iphone os/10.1.1
- canonical/apple mobile safari
- version/apple mobile safari/10.0.1